CVE-2026-3289: Path Traversal in Sanluan PublicCMS
CVE-2026-3289 is a medium severity path traversal vulnerability affecting Sanluan PublicCMS version 6.202506.d. The flaw exists in the saveMetadata function within TemplateCacheComponent.java, allowing remote attackers to manipulate file paths. Exploitation does not require user interaction but does require low-level privileges. The vulnerability could enable attackers to access or overwrite arbitrary files on the server, potentially leading to information disclosure or integrity compromise. Although the vendor was notified, no patch or response has been issued, and a public exploit is available. No known active exploitation in the wild has been reported yet. Organizations using this specific CMS version should prioritize mitigation to prevent potential attacks.
AI Analysis
Technical Summary
CVE-2026-3289 identifies a path traversal vulnerability in Sanluan PublicCMS version 6.202506.d, specifically within the saveMetadata function of the TemplateCacheComponent.java file, which is part of the Template Cache Generation component. Path traversal vulnerabilities allow attackers to manipulate file paths to access files and directories outside the intended scope, potentially leading to unauthorized file read or write operations. This vulnerability can be exploited remotely without user interaction, but it requires low privileges on the system (PR:L). The CVSS 4.0 score of 5.3 reflects a medium severity: the attack vector is network-based (AV:N), attack complexity is low (AC:L), there are no attack requirements (AT:N), low privileges are required (PR:L), and no user interaction is needed (UI:N). The vulnerability impacts confidentiality, integrity, and availability to a limited degree (VC:L, VI:L, VA:L). The vendor was contacted early but did not respond or provide a patch, and a public exploit is available, increasing the risk of exploitation. The vulnerability could allow attackers to read or write arbitrary files on the server hosting PublicCMS, potentially exposing sensitive data or enabling further compromise. No known active exploitation in the wild has been reported to date. The lack of vendor response and public exploit availability necessitates immediate attention from organizations using this CMS version. The affected component, Template Cache Generation, is critical for CMS operation, making exploitation impactful on web content integrity and availability.
Potential Impact
The potential impact of CVE-2026-3289 includes unauthorized access to sensitive files and data leakage, which compromises confidentiality. Attackers could also modify or overwrite files, affecting the integrity of the CMS and potentially leading to website defacement or injection of malicious code. Availability could be impacted if critical files are deleted or corrupted, disrupting web services. Since exploitation requires only low privileges and no user interaction, attackers with limited access could escalate their control or pivot to other systems. Organizations relying on Sanluan PublicCMS 6.202506.d for web content management are at risk of data breaches, reputational damage, and operational disruption. The absence of a vendor patch and the presence of a public exploit increase the likelihood of exploitation attempts, especially by opportunistic attackers. This vulnerability could be leveraged as an initial foothold in targeted attacks or as part of broader campaigns against web infrastructure.
Mitigation Recommendations
Organizations should immediately audit their use of Sanluan PublicCMS to identify installations running version 6.202506.d. Until a vendor patch is available, implement strict access controls to limit who can interact with the CMS, especially restricting low-privilege accounts from accessing the Template Cache Generation functionality. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting the saveMetadata function. Monitor logs for unusual file access patterns or attempts to manipulate file paths. Consider isolating the CMS environment to minimize lateral movement if compromised. Regularly back up CMS data and configuration files to enable recovery from potential file corruption or deletion. Engage with the vendor or community for updates or unofficial patches. If feasible, upgrade to a later, unaffected version once available. Conduct penetration testing focused on path traversal vulnerabilities to identify other potential weaknesses. Educate administrators about the risks and signs of exploitation related to this vulnerability.
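The log-monitoring step above, as an added example that is not part of the original advisory or of PublicCMS: a scanner that percent-decodes request parameters repeatedly and flags any value containing a ".." path segment. The endpoint /cms/PLACEHOLDER/save, the parameter name path, the user names and the log lines are constructed assumptions; access logs only show the query string, so request bodies still need inspection at the WAF or application layer.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

MAX_DECODE_ROUNDS = 3  # enough to unwrap double and triple percent-encoding

# Combined-log-format prefix: ip, ident, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def fully_decode(value):
    """Percent-decode until the value stops changing (bounded)."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any segment of the decoded value is exactly '..'.
    Segment matching avoids flagging names such as 'release..notes.html'."""
    normalized = fully_decode(value).replace("\\", "/")
    return ".." in normalized.split("/")

def scan(lines):
    """Return (ip, user, path, [suspect parameter names]) per flagged request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        parts = urlsplit(m["target"])
        suspects = [k for k, v in parse_qsl(parts.query, keep_blank_values=True)
                    if has_traversal(v)]
        if has_traversal(parts.path):
            suspects.append("<url-path>")
        if suspects:
            hits.append((m["ip"], m["user"], parts.path, suspects))
    return hits

# Constructed sample lines (hypothetical endpoint and parameter, documentation IPs).
SAMPLE_LOG = [
    '203.0.113.7 - editor1 [27/Feb/2026:10:00:01 +0000] "GET /cms/PLACEHOLDER/save?path=/index.html HTTP/1.1" 200 512',
    '203.0.113.9 - editor2 [27/Feb/2026:10:00:05 +0000] "GET /cms/PLACEHOLDER/save?path=..%2f..%2fx.txt HTTP/1.1" 200 87',
    '203.0.113.9 - editor2 [27/Feb/2026:10:00:09 +0000] "GET /cms/PLACEHOLDER/save?path=%252e%252e%255cx.txt HTTP/1.1" 200 87',
    '203.0.113.7 - editor1 [27/Feb/2026:10:00:12 +0000] "GET /cms/PLACEHOLDER/save?path=release..notes.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request is worth triaging first, since it suggests the server processed the path rather than rejecting it.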
Affected Countries
China, United States, Germany, India, Brazil, Russia, South Korea, Japan, United Kingdom, France
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-02-26T16:56:55.155Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a1ec5132ffcdb8a267e1f3
Added to database: 2/27/2026, 7:11:13 PM
Last enriched: 2/27/2026, 7:27:22 PM
Last updated: 2/27/2026, 8:25:41 PM